feat: change references from dirien to pulumi

.github/workflows/chart-publish.yaml

@@ -75,6 +75,6 @@ jobs:
             if [ -z "${pkg:-}" ]; then
               break
             fi
-            helm push "${pkg}" oci://ghcr.io/"${GITHUB_REPOSITORY_OWNER}"/charts |& tee .digest
+            helm push "${pkg}" oci://ghcr.io/pulumi/helm-charts |& tee .digest
             cosign sign -y $(cat .digest | awk -F "[, ]+" '/Pushed/{print $NF}')
           done          

.golangci.yml

@@ -0,0 +1,25 @@
+linters:
+  enable:
+    - deadcode
+    - errcheck
+    - goconst
+    - gofmt
+    - golint
+    - gosec
+    - govet
+    - ineffassign
+    - interfacer
+    - lll
+    - megacheck
+    - misspell
+    - nakedret
+    - structcheck
+    - unconvert
+    - varcheck
+  enable-all: false
+run:
+  skip-files:
+    - schema.go
+    - pulumiManifest.go
+  timeout: 20m
+

.goreleaser.yaml

@@ -45,7 +45,7 @@ signs:
     output: true
 
 dockers:
-  - image_templates: [ "ghcr.io/dirien/{{ .ProjectName }}:{{ .Version }}-amd64" ]
+  - image_templates: [ "ghcr.io/pulumi/{{ .ProjectName }}:{{ .Version }}-amd64" ]
     dockerfile: Dockerfile
     use: buildx
     build_flag_templates:
@@ -57,7 +57,7 @@ dockers:
       - --label=org.opencontainers.image.revision={{.FullCommit}}
       - --label=org.opencontainers.image.version={{.Version}}
       - --label=org.opencontainers.image.source={{.GitURL}}
-  - image_templates: [ "ghcr.io/dirien/{{ .ProjectName }}:{{ .Version }}-arm64" ]
+  - image_templates: [ "ghcr.io/pulumi/{{ .ProjectName }}:{{ .Version }}-arm64" ]
     goarch: arm64
     dockerfile: Dockerfile
     use: buildx
@@ -72,14 +72,14 @@ dockers:
       - --label=org.opencontainers.image.source={{.GitURL}}
 
 docker_manifests:
-  - name_template: 'ghcr.io/dirien/{{ .ProjectName }}:{{ .Version }}'
+  - name_template: 'ghcr.io/pulumi/{{ .ProjectName }}:{{ .Version }}'
     image_templates:
-      - 'ghcr.io/dirien/{{ .ProjectName }}:{{ .Version }}-amd64'
-      - 'ghcr.io/dirien/{{ .ProjectName }}:{{ .Version }}-arm64'
-  - name_template: 'ghcr.io/dirien/{{ .ProjectName }}:latest'
+      - 'ghcr.io/pulumi/{{ .ProjectName }}:{{ .Version }}-amd64'
+      - 'ghcr.io/pulumi/{{ .ProjectName }}:{{ .Version }}-arm64'
+  - name_template: 'ghcr.io/pulumi/{{ .ProjectName }}:latest'
     image_templates:
-      - 'ghcr.io/dirien/{{ .ProjectName }}:{{ .Version }}-amd64'
-      - 'ghcr.io/dirien/{{ .ProjectName }}:{{ .Version }}-arm64'
+      - 'ghcr.io/pulumi/{{ .ProjectName }}:{{ .Version }}-amd64'
+      - 'ghcr.io/pulumi/{{ .ProjectName }}:{{ .Version }}-arm64'
 
 
 docker_signs:

README.md

@@ -1,7 +1,16 @@
-# Pulumi ESC Secret Store CSI Driver
+# Pulumi ESC Secret Store CSI Driver - 🔒
+
+Pulumi ESC for the [Secrets Store CSI driver](https://github.com/kubernetes-sigs/secrets-store-csi-driver) will allow
+you to mount Pulumi ESC secrets directly into your Kubernetes pods while not using k8s-native secretes in your
+Kubernetes cluster.
 
 ## Getting Started
 
+### Prerequisites
+
+- Kubernetes version >= 1.20
+- [Tilt](https://docs.tilt.dev/) (for local development) 
+
 ### Deploy Secret Store CSI Driver using Helm
 
 Secrets Store CSI Driver allows users to customize their installation via Helm.
@@ -21,7 +30,21 @@ namespace.
 tilt up
 ```
 
-### Deploy Pulumi ESC Secret Store CSI Driver - production
+### Deploy Pulumi ESC Secret Store CSI Driver - Kubernetes
+
+See [helm/README.md](chart/README.md) for instructions on how to deploy the Pulumi ESC Secret Store CSI Driver using
+Helm.
+
+## License ⚖️
+
+Apache License, Version 2.0
+
+## Source Code
+
+* <https://github.com/pulumi/pulumi-esc-csi-provider.git>
 
-See [helm/README.md](chart/README.md) for instructions on how to deploy the Pulumi ESC Secret Store CSI Driver using Helm.
+## Maintainers
 
+| Name | Email | Url |
+| ---- | ------ | --- |
+| dirien | <engin@pulumi.com> | <https://pulumi.com> |

Tiltfile

@@ -6,7 +6,7 @@ helm_remote('secrets-store-csi-driver',
 
 
 docker_build(
-    'ghcr.io/dirien/secrets-store-csi-driver-provider-pulumi-esc',
+    'ghcr.io/pulumi/secrets-store-csi-driver-provider-pulumi-esc',
     context='.',
     dockerfile='./Dockerfile.tilt',
     live_update=[

chart/pulumi-esc-csi-provider/Chart.yaml

@@ -4,7 +4,7 @@ description: A Helm chart for the Pulumi ESC CSI provider
 
 type: application
 
-version: 0.1.4
+version: 0.1.5
 appVersion: "0.1.0"
 
 maintainers:

chart/pulumi-esc-csi-provider/README.md

@@ -1,6 +1,6 @@
 # Pulumi ESC Secret Store CSI Driver - Helm Chart
 
-![Version: 0.1.4](https://img.shields.io/badge/Version-0.1.4-informational?style=for-the-badge) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=for-the-badge) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=for-the-badge)
+![Version: 0.1.5](https://img.shields.io/badge/Version-0.1.5-informational?style=for-the-badge) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=for-the-badge) ![AppVersion: 0.1.0](https://img.shields.io/badge/AppVersion-0.1.0-informational?style=for-the-badge)
 
 ## Description 📜
 
@@ -11,7 +11,7 @@ A Helm chart for the Pulumi ESC CSI provider
 To install the chart using the OCI artifact, run:
 
 ```bash
-helm install pulumi-esc-csi-provider oci://ghcr.io/dirien/charts/pulumi-esc-csi-provider --version 0.1.4 --namespace kube-system
+helm install pulumi-esc-csi-provider oci://ghcr.io/pulumi/helm-charts/pulumi-esc-csi-provider --version 0.1.5 --namespace kube-system
 ```
 
 After a few seconds, the `pulumi-esc-csi-provider` should be running.
@@ -20,7 +20,7 @@ To install the chart in a specific namespace use following commands:
 
 ```bash
 kubectl create ns pulumi-esc-csi-provider
-helm install pulumi-esc-csi-provider oci://ghcr.io/dirien/charts/pulumi-esc-csi-provider --namespace kube-system
+helm install pulumi-esc-csi-provider oci://ghcr.io/pulumi/helm-charts/pulumi-esc-csi-provider --namespace kube-system
 ```
 
 > **Tip**: List all releases using `helm list`, a release is a name used to track a specific deployment
@@ -41,7 +41,7 @@ The command removes all the Kubernetes components associated with the chart and
 |-----|------|---------|-------------|
 | args[0] | string | `"-endpoint=/provider/pulumi.sock"` |  |
 | image.pullPolicy | string | `"Always"` |  |
-| image.repository | string | `"ghcr.io/dirien/pulumi-esc-csi-provider"` |  |
+| image.repository | string | `"ghcr.io/pulumi/pulumi-esc-csi-provider"` |  |
 | image.tag | string | `""` |  |
 | labels | object | `{}` |  |
 | livenessProbe.failureThreshold | int | `2` |  |

chart/pulumi-esc-csi-provider/README.md.gotmpl

@@ -11,7 +11,7 @@
 To install the chart using the OCI artifact, run:
 
 ```bash
-helm install pulumi-esc-csi-provider oci://ghcr.io/dirien/charts/pulumi-esc-csi-provider --version {{ .Version }} --namespace kube-system
+helm install pulumi-esc-csi-provider oci://ghcr.io/pulumi/helm-charts/pulumi-esc-csi-provider --version {{ .Version }} --namespace kube-system
 ```
 
 After a few seconds, the `pulumi-esc-csi-provider` should be running.
@@ -20,7 +20,7 @@ To install the chart in a specific namespace use following commands:
 
 ```bash
 kubectl create ns pulumi-esc-csi-provider
-helm install pulumi-esc-csi-provider oci://ghcr.io/dirien/charts/pulumi-esc-csi-provider --namespace kube-system
+helm install pulumi-esc-csi-provider oci://ghcr.io/pulumi/helm-charts/pulumi-esc-csi-provider --namespace kube-system
 ```
 
 > **Tip**: List all releases using `helm list`, a release is a name used to track a specific deployment

chart/pulumi-esc-csi-provider/values.yaml

@@ -1,7 +1,7 @@
 name: pulumi-esc-csi-provider
 namespace: kube-system
 image:
-  repository: ghcr.io/dirien/pulumi-esc-csi-provider
+  repository: ghcr.io/pulumi/pulumi-esc-csi-provider
   tag: ''
   pullPolicy: Always
 

deployment/pulumi-esc-csi-provider.yaml

@@ -69,7 +69,7 @@ spec:
 
       containers:
       - name: secrets-store-csi-driver-provider-pulumi-esc
-        image: "ghcr.io/dirien/pulumi-esc-csi-provider:0.1.0"
+        image: "ghcr.io/pulumi/pulumi-esc-csi-provider:0.1.0"
         imagePullPolicy: Always
         resources:
           {}

go.mod

@@ -1,4 +1,4 @@
-module github.com/dirien/pulumi-esc-csi-provider
+module github.com/pulumi/pulumi-esc-csi-provider
 
 go 1.23.1
 

internal/auth/auth.go

@@ -1,4 +1,3 @@
-//go:generate mockgen -destination=mock_$GOPACKAGE/mock_$GOFILE -source=$GOFILE
 package auth
 
 import (

internal/config/config.go

@@ -2,12 +2,12 @@ package config
 
 import (
 	"fmt"
-	"gopkg.in/yaml.v3"
 	"os"
 	"reflect"
 	"strings"
 
 	"github.com/go-playground/validator/v10"
+	"gopkg.in/yaml.v3"
 )
 
 type Config struct {

internal/server/server.go

@@ -5,19 +5,19 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"github.com/dirien/pulumi-esc-csi-provider/internal/provider"
-	"gopkg.in/yaml.v3"
 	"log/slog"
 	"net"
 	"os"
 	"strconv"
 	"strings"
 	"time"
 
-	"github.com/dirien/pulumi-esc-csi-provider/internal/auth"
-	"github.com/dirien/pulumi-esc-csi-provider/internal/config"
 	"github.com/go-playground/validator/v10"
+	"github.com/pulumi/pulumi-esc-csi-provider/internal/auth"
+	"github.com/pulumi/pulumi-esc-csi-provider/internal/config"
+	"github.com/pulumi/pulumi-esc-csi-provider/internal/provider"
 	"google.golang.org/grpc"
+	"gopkg.in/yaml.v3"
 	"k8s.io/apimachinery/pkg/types"
 	pb "sigs.k8s.io/secrets-store-csi-driver/provider/v1alpha1"
 )
@@ -118,14 +118,17 @@ func (p *PulumiESCProviderServer) Mount(ctx context.Context, req *pb.MountReques
 		mountResponse.Error.Code = ErrorBadRequest
 		return mountResponse, fmt.Errorf("failed to get credentials, error: %w", err)
 	}
-	pulumiESCClint := provider.NewPulumiESCClient(credentials.Pat, mountConfig.APIURL, mountConfig.Project, mountConfig.Environment, mountConfig.Organization)
-	env, err := pulumiESCClint.EscClient.OpenEnvironment(pulumiESCClint.AuthCtx, mountConfig.Organization, mountConfig.Project, mountConfig.Environment)
+	pulumiESCClint := provider.NewPulumiESCClient(credentials.Pat, mountConfig.APIURL, mountConfig.Project,
+		mountConfig.Environment, mountConfig.Organization)
+	env, err := pulumiESCClint.EscClient.OpenEnvironment(pulumiESCClint.AuthCtx, mountConfig.Organization,
+		mountConfig.Project, mountConfig.Environment)
 	if err != nil {
 		return nil, err
 	}
 	secretMap := make(map[string]*secretItem)
 	for _, secret := range mountConfig.Secrets {
-		val, _, err := pulumiESCClint.EscClient.ReadEnvironmentProperty(pulumiESCClint.AuthCtx, mountConfig.Organization, mountConfig.Project, mountConfig.Environment, env.GetId(), secret.SecretKey)
+		val, _, err := pulumiESCClint.EscClient.ReadEnvironmentProperty(pulumiESCClint.AuthCtx,
+			mountConfig.Organization, mountConfig.Project, mountConfig.Environment, env.GetId(), secret.SecretKey)
 		if err != nil {
 			return nil, err
 		}
@@ -162,7 +165,8 @@ func (p *PulumiESCProviderServer) Mount(ctx context.Context, req *pb.MountReques
 	for _, value := range secretMap {
 		files = append(files, &pb.File{Path: value.FileName, Mode: int32(mountConfig.FilePermission), Contents: value.Value})
 		ov = append(ov, &pb.ObjectVersion{Id: value.FileName, Version: value.Version})
-		slog.Info(fmt.Sprintf("secret added to mount response, directory: %v, file: %v", mountConfig.TargetPath, value.FileName))
+		slog.Info(fmt.Sprintf("secret added to mount response, directory: %v, file: %v",
+			mountConfig.TargetPath, value.FileName))
 	}
 
 	return &pb.MountResponse{

main.go

@@ -4,16 +4,18 @@ import (
 	"context"
 	"flag"
 	"fmt"
-	"github.com/dirien/pulumi-esc-csi-provider/internal/auth"
-	"github.com/dirien/pulumi-esc-csi-provider/internal/server"
-	"k8s.io/client-go/kubernetes"
-	"k8s.io/client-go/rest"
 	"log"
 	"net/http"
 	"os"
 	"os/signal"
 	"strings"
 	"syscall"
+	"time"
+
+	"github.com/pulumi/pulumi-esc-csi-provider/internal/auth"
+	"github.com/pulumi/pulumi-esc-csi-provider/internal/server"
+	"k8s.io/client-go/kubernetes"
+	"k8s.io/client-go/rest"
 )
 
 const figletStr = `
@@ -74,8 +76,9 @@ func main() {
 func startHealthCheck() chan error {
 	mux := http.NewServeMux()
 	ms := http.Server{
-		Addr:    fmt.Sprintf(":%s", *healthPort),
-		Handler: mux,
+		Addr:              fmt.Sprintf(":%s", *healthPort),
+		Handler:           mux,
+		ReadHeaderTimeout: 10 * time.Second,
 	}
 
 	errorCh := make(chan error)